<?php
echo "<html><head>";
 
echo "</head><body>";
echo "<center><table>";
echo "<tr><td colspan=2 align=center><img src='../images/char_tra.jpg' alter=wow></td></tr>";
echo "<link href='style.css' type='text/css' rel='stylesheet'>"; 
if(isset($_POST['submit']))
{ 

        $character = $_POST['character'];                               
        $password = $_POST['password'];                         
        $newAccount = $_POST['newAccount'];             
 
        //max players per account...is it 8? Change to whatever it is...
        $MAX_PLAYERS = 8;
 
        $con = mysql_connect($aHost.":".$aPort, $aUsername, $aPass) or die(mysql_error());
        mysql_select_db($aDatabase) or die(mysql_error());
 
        $character = mysql_real_escape_string(html_entity_decode(htmlentities($character)));
        $password = mysql_real_escape_string(html_entity_decode(htmlentities($password)));
        $newAccount = mysql_real_escape_string(html_entity_decode(htmlentities($newAccount)));
 
        $query = "SELECT accounts.acct, password FROM accounts INNER JOIN characters ON accounts.acct = characters.acct WHERE name = '".$character."' AND password = '".$password."'";
 
        $result = mysql_query($query) or die(mysql_error());
        $numrows = mysql_num_rows($result);
 
        echo "<tr><td align=center>";
 
        if($numrows == 0)
        {
                die("Your account information is incorrect!");
        }
        
        $query = "SELECT acct FROM accounts WHERE login = '".$newAccount."'";
        $result = mysql_query($query) or die(mysql_error());
 
        $numrows = mysql_num_rows($result);
 
        if($numrows == 0)
        {
                die("That account does not exist!<br>Please create the account or fix any errors!");
        }
        $row = mysql_fetch_array($result);
 
        $acct = $row[0];
 
        $query = "SELECT count(*) FROM characters WHERE acct = '".$acct."'";
        $result = mysql_query($query);
        $numrows = mysql_num_rows($result);
 
        $numChars = "";
 
        if($numrows == 0)
        {
                $numChars = 0;
        }
 
        $row = mysql_fetch_array($result);
        $numChars = $row[0];
 
        if($numChars == 0)
        {
                die("That account does not exist!<br>Account transfer was not completed!");
        }
        elseif($numChars >= $MAX_PLAYERS)
        {
                die("That account has the maximum number of players!<br>Account transfer was not completed!");
        }
        else
        {
                $query = "UPDATE characters SET acct = '".$acct."' WHERE name = '".$character."'";
                mysql_query($query);
        }
 
        echo "Player '".$character."' has been transfered to the account '".$newAccount."'";
 
        //close mysql connection
        mysql_close();
}
else
{
        echo "<form name=myform method=post action=".$_SERVER['PHP_SELF'].">";
 
        echo "<tr><td colspan=2 align=center><font size=4>Character Account Transfer</td></tr>";
 
        echo "<tr><td width=125>Character: </td><td><input type=text name=character value=''></td></tr>";
        echo "<tr><td width=125>Password: </td><td><input type=password name=password value=''></td></tr>";
        echo "<tr><td width=125>Transfer To: </td><td><input type=text name=newAccount></td></tr>";
        echo "<tr><td colspan=2 align=center><br><input type=submit name=submit value=Transfer></td></tr>";
        echo "</form>";
}
 
echo "</table></center>";
?> 